Ransomware is ‘not a lightning strike’

A massive 77 per cent of respondents were running up to date endpoint protection when they were hit, proving that a new, innovative approach to cybersecurity must be established.

There seems to be no escape from ransomware as it is revealed that over 50 per cent of organisations were hit last year, on average at least two attacks were noted.

Ransomware gained a new high-profile in 2017 following attacks like WannaCry, but not just attacks of global notoriety result in crippling damage. The average cost of a ransomware attack to a business was found to be $133,000.

This concerning average cost is the combined price of the downtime, device cost, network cost, lost opportunity and manpower that is the result of a single ransomware attack. These statistics have been brought to light by the endpoint security specialist, Sophos.

Dan Schiappa, senior vice president and general manager of products, Sophos, said: “Ransomware is not a lightning strike – it can happen again and again to the same organisation. Cybercriminals are deploying multiple attack methods to succeed, whether using a mix of ransomware in a single campaign, taking advantage of a remote access opportunity, infecting a server, or disabling security software.”

The average cost is already eye watering, but the top-end cost is astronomical. Five per cent of respondents stated that between $1.3 million and $6.6 million was the range for the total cost.

“Due to this complexity and intelligence of modern threats, traditional endpoint technologies are often unable to keep up with advanced exploit attacks used to compromise a system,” said Schiappa.

Another worrying fact is that your organisation does not have to be cybersecurity negligent for an attack to be successful, everyone is at risk. More than 77 per cent of respondents hit by ransomware said they were running up to date endpoint protection when they were hit. This signals the critical need for innovative approaches to cybersecurity in general.

Alex Bradshaw, IT technician at Kimbolton School, a Sophos customer, said: “We suffered a ransomware attack that cost us 48 hours of downtime and lost productivity while we recovered. It was stressful and inconvenient for our faculty and students who rely on our IT operations every day. After that we deployed Intercept X, which took five minutes to install, and ten minutes for a full scan. We haven’t been affected by a ransomware attack since.”